CVE-2019-10012

Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the Moxie Manager plugin before 2.1.4 in the ICSICS.NETICSFileServer/moxiemanager directory.
Source: NIST
CVE-2019-10012